Do you think a hardware cutoff switch for the camera, like the Librem 5 and PinePhone, is enough to ensure privacy, or would you really want an actual built-in camera cover like is on some laptops (that presumably also kills the power since the system knows whether the camera is covered). The caveat for only having a switch being that you can’t very easily audit the circuitry to check if it’s actually turning off the camera, but the benefit being that it’s easier to implement, has fewer points of failure, and will leave more room for a bigger camera.

Also, would you want separate switches for front and rear facing cameras or are you okay with turning both of them on and off with one switch?

  • AgreeableLandscapeOP
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    4 years ago

    That begs the question of how one would check if the cutoff switch is working. If a company like Pine64 or Purism says they have cutoff switches in series to the power, would you trust them? What if the devices were audited by a third party? I wonder if there’s a self-test that can determine if they’re working, which you can run from in the OS itself.

    Even if the camera had a cover you can see, that’s not possible for the microphone, radios, etc. Do you think the other components can get away with not having physical indicators of function? Do you consider them significantly less privacy invading than a camera? I mean, in terms of “creep factor,” then yeah, the camera is by far the worst, but if your main concern is confidential information leakage, like if it’s a work computer, the microphone can be just as bad, possibly worse.

    I guess you can take the thing apart and follow the traces from the switch to the camera, but I feel like that’s edging on paranoid, unless you’re like a secret agent or something where someone modifying your specific device before shipping to you is part of your threat model.